<?php 
/*
系统管理类
集合了对数据库和系统配置的操作界面和方法
*/
class SystemManager {


	public $level;


	function __construct() {
		$this->level = $_SESSION['level'];
	}


	//根据传递的参数执行不同任务

	public function procedure() {
		$action = $_GET['Action'];
		if ($action=="") return;

		switch ($action) {
		case "addadmin":
			$this->sqlUserAdd(); //AdminADDSQL
			break;
		case "editadmin":
			$this->sqlUserUpdate();
			break;
		case "deladmin":
			$this->sqlUserDel();
			break;
		case "Backup":
			$this->BackupDateBase();
			break;
		case "Admin":
			ChgLoginID();
			break;
		case "Zero":
			Zero();
			break;
		case "DelRaid":
			$this->DelRaid();
			break;
		case "SQL":
			$this->sqlQueryExecute($_POST['sqlstring']);
			break;
		case "dkp":
			basedkp();
			break;
		case "FormDKPplugin":
			FromDKPData();
			break;
		}
	}



	//显示管理账号列表
	public function viewUserManager() {
		if ($this->level != 0) {return false;}
		$html .= "<table class='outframe'>";
		$html .= "<tr><th colspan='5'>DKP系统管理帐号 [<a href='admin_spec.php'>添加新帐号</a>]</th></tr>";
		$html .= "<tr class='coltitle'><td>ID</td><td>Name</td><td>PWD</td><td>Level</td><td>-</td></tr>";
		$sql="select * from admin";
		//if ($Tar=="self") {
		//$sql="select * from admin where Admin_name='".$_SESSION['ULVL']."'";
		//}
		if ($result = mysql_query($sql)) {
			while ($row = mysql_fetch_array($result)) {
				if ($_GET['action']=="editform" && $_GET['id']==$row["id"]) {
					$html .= "<tr><form method='post' action='?action=editadmin'><td><input type='hidden' name='id' value='".$row["id"]."' />".$row["id"]."</td><td><input type='text' name='admin_name' value='".$row["admin_name"]."' /></td><td><input type='text' name='admin_password' value='' /></td><td><input type='text' name='admin_level' value='".$row["admin_level"]."' /></td><td><input type='submit' value='完 成' /></td></form></tr>";
				}else{
					$html .= "<tr class='".linec($i)."'><td>".$row["id"]."</td><td>".$row["admin_name"]."</td><td>".str_repeat("*",strlen($row["admin_password"]))."</td><td>".$row["admin_level"]."</td><td><a href='?action=editform&amp;id=".$row["id"]."'>编辑</a>";
					if ($row["admin_level"]>"0") {
						$html .= " <a href='?action=deladmin&amp;id=".$row["id"]."'>删除</a>";
					} 
					$html .= "</td></tr>";
				} 
			}
		}else{
			echo "SQL错误 $sql";
			return false;
		}

		if ($_GET['action']=="") {
			$html .= "<tr><form method='post' action='?action=addadmin'><td></td><td><input type='text' name='admin_name' value='' /></td><td><input type='text' name='admin_password' value='' /></td><td><input type='text' name='admin_level' value='' /></td><td><input type='submit' value='添 加' /></td></form></tr>";
		}
		$html .= "<tr><td colspan='5'><b>Level 0:系统管理员 1:公会管理员 2:活动记录员</b><br>系统管理员不能对自身进行降级操作,但可以对除自己以外的系统管理员进行降级</td></tr>";
		$html .= "</table>";
		return $html;
	} 



	public function viewGuildInfoForm() {
		$sql="SELECT * FROM guild LIMIT 0,1";
		if ($result = mysql_query($sql)) {
			$row = mysql_fetch_array($result);

			$Arrpara=explode("|",$row["guild_para"]);
			$html .= "<form action='?action=edit' method='post'>";
			$html .= "<table class='outframe interlace'>";
			$html .= "<tr><th colspan='2'>公会信息</th></tr>";
			$html .= "<tr><td>公会名</td><td><input type='input' name='guild_name' value='".$row["guild_name"]."' size='40'/></td></tr>";
			$html .= "<tr><td>副标题</td><td><input type='input' name='guild_sname' value='".$row["guild_sname"]."' size='35'/></td></tr>";
			$html .= "<tr><td>所在服务器</td><td><input type='input' name='guild_server' value='".$row["guild_server"]."'/> 填入所在服务器名字方能实时反应角色信息</td></tr>";
			$html .= "<tr><td>创立时间</td><td><input type='input' name='guild_createtime' value='".$row["guild_createtime"]."'/></td></tr>";
			$html .= "<tr><td>团队活动次数</td><td><input type='input' name='guild_raidnum' value='".$row["guild_raidnum"]."'/></td></tr>";
			$html .= "<tr><td>界面主题</td><td><select name='guild_style'><option value='style' selected>默认主题</option><option value='style'>无</option></select></td></tr>";

			$html .= "<tr><td>图标URL</td><td><input type='input' name='guild_para01' value='".$Arrpara[1]."' size='55'/></td></tr>";
			$html .= "<tr><td>格式后缀</td><td><input type='input' name='guild_para02' value='".$Arrpara[2]."' size='5'/> 默认:.png</td></tr>";
			$html .= "<tr><td>精度</td><td><select name='guild_para03'><option value='0' ".LogicM($Arrpara[3],"0|1","Selected|","|").">整数</option><option value='1' ".LogicM($Arrpara[3],"0|1","|Selected","|").">保留两位小数</option></select></td></tr>";
			$html .= "<tr><td>留言</td><td><select name='guild_para04'><option value='1' ".LogicM($Arrpara[4],"0|1|2|3","|Selected||","|").">允许留言</option><option value='2' ".LogicM($Arrpara[4],"0|1|2|3","||Selected|","|").">允许在活动安排中留言</option><option value='3' ".LogicM($Arrpara[4],"0|1|2|3","|||Selected","|").">允许在活动报告中留言</option><option value='0' ".LogicM($Arrpara[4],"0|1|2|3","Selected|||","|").">关闭留言功能</option></select></td></tr>";
			$html .= "<tr><td></td><td><b>其余设置参数请用记事本打开config.php进行修改</b></td></tr>";
			$html .= "<tr><td></td><td><input type='submit' value='确定'/></td></tr>";
			$html .= "</table>";
			$html .= "</form>";
			return $html;
		}else{
			echo "/ SQL执行错误 $sql";
			return false;
		} 
	} 






































	public function guild_edit_sql() {
		//添加新的分类
		//验证提交数据有效性
		//数据库字段:
		if (${"guild_name"}=="") {
			$errorinfo=$errorinfo."<li>公会名请不要留空.</li>";
		} 
		if (${"guild_sname"}=="") {
			$errorinfo=$errorinfo."<li>副标题请不要留空.</li>";
		} 
		if (!$IsDate[${"guild_createtime"}]) {
			$errorinfo=$errorinfo."<li>创立时间的格式不正确.</li>";
		} 
		if (!is_numeric(${"guild_raidnum"})) {
			$errorinfo=$errorinfo."<li>活动次数必须为数字.</li>";
		} 
	//if IsValidEmail(request("L_AuthorMail"))<>"true" and request("L_AuthorMail")<>"" then errorinfo=errorinfo & "<li>无效的邮箱地址.</li>"
	//验证///

		if ($errorinfo!="") {

	//抛出错误提示
			print "<p>表单信息有误,提示如下:</p><ul>".$errorinfo."</ul>";
			print "请<a href='".$Url."'>返回</a>重新修改.";
		}
			else
		{

	//写入数据库
			$sql="select * from guild LIMIT 0,1";
			$result = mysql_query($sql);
			if ($result->bof || $result->eof) {
				return false;

			}
			$sql = "UPDATE guild SET 
				guild_name='$_POST[guild_name]', 
				guild_sname='$_POST[guild_sname]', 
				guild_server='$_POST[guild_server]', 
				guild_raidnum='$_POST[guild_raidnum]', 
				guild_DKPrules='$_POST[guild_DKPrules]', 
				guild_style='$_POST[guild_style]', 
				guild_para='$_POST[guild_para01]|$_POST[guild_para02]|$_POST[guild_para03]|$_POST[guild_para04]|5|0|0|0|'
				LIMIT 0,1";
				mysql_query($sql);

			print "修改完成 <a href='".$Url."'>继续修改</a> | <a href='/'>查看列表</a>";
		} 

		return $function_ret;
	} 



	//添加新管理账号
	public function sqlUserAdd() {
		if ($this->level != 0) {return false;}
		$sql = "INSERT INTO admin (admin_name, admin_password, admin_level) VALUES ('".$_POST['admin_name']."', '".sha1($_POST['admin_password'])."', '".$_POST['admin_level']."');";
		if (mysql_query($sql)) {
			return true;
		}else{
			echo "SQL错误 $sql".mysql_error();
			return false;
		}
	} 



	//修改现有管理账号
	public function sqlUserUpdate() {
		if ($this->level != 0) {return false;}
		$sql = "UPDATE admin SET admin_name='".$_POST['admin_name']."', admin_password='".sha1($_POST['admin_password'])."', admin_level='".$_POST['admin_level']."' WHERE id=".$_POST['id'];
		if (mysql_query($sql)) {
			return true;
		}else{
			echo "SQL错误 $sql".mysql_error();
			return false;
		}
	} 


	//成员DKP全部归零
	public function sqlResetDKP() {
		if ($this->level != 0) {return false;}
		$sql="update player set Player_BaseDKP=0";
		if (mysql_query($sql)) { print "所有人员的累计DKP已经归零.<br>";}
		return true;
	} 


	//删除全部活动数据
	public function sqlDelAllRaid() {
		if ($this->level != 0) {return false;}
		$sql="Delete from Raid where 1=1";
		if (mysql_query($sql)) { print "所有活动已删除.<br>";}
		$sql="Delete from dkplist";
		if (mysql_query($sql)) { print "所有活动DKP预存已删除.<br>";}
		$sql="Delete from raid_event";
		if (mysql_query($sql)) { print "所有活动事件已删除.<br>";}
		return true;
	} 



	//删除指定管理账号
	public function sqlUserDel() {
		if ($this->level != 0) {return false;}
		$sql="Select * from admin where id=".$_GET['id'];
		if ($result = mysql_query($sql)) {
			$row = mysql_fetch_array($result);
			if ($row['admin_level']>0 && $this->admin != $row["admin_name"]) { //不能删自己,不能删平级的
				$sql = "Delete from admin where id=".$_GET['id']." LIMIT 0,1";
				if (mysql_query($sql)) {
					return true;
				}else{
					echo "$sql 删除用户时产生错误: ".mysql_error();
					return false;
				}
			}
		}else{
			return false;
		}
	} 


	//执行一条sql语句,需系统管理员才被允许使用
	private function sqlQueryExecute($sqlstring) {
		if ($this->level != 0) {return false;}
		if (mysql_query($sqlstring)) {
			return true;
		}else{
			echo "执行SQL $sqlstring 时产生错误: ".mysql_error();
			return false;
		}
	}



}




?>
